Global Retailer Credential Stuffing Case Study

Attack Types
Account Takeover
Credential Stuffing
May 17, 2021
Case Studies
In early 2018, one of the world’s largest retailers identified they were being frequently targeted by credential stuffing attacks. Using breached username and passwords, threat actors were gaining access to customer accounts to make fraudulent purchases, costing the tune of millions of pounds per month. Attackers can then sell on the validated account via the Dark Web.

The fraudulent activity not only cost the retailer directly, but also put the brand’s reputation at risk. Customers were continually locked out of accounts, asked to verify their legitimacy or required to reset their usernames and passwords following an attack, leaving many users feeling frustrated.

Netacea describes what measures were implemented to prevent credential stuffing to protect the retailer from both volumetric and low and slow credential stuffing attacks, freeing up their SOC team to focus on new and emerging threats.

Some content is hidden, to be able to see it login here Login

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.
Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.
Submit Your Document

Related Resources

Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.